Enable the FTP (vsftpd) service in Linux
1. Check whether vsftpd is already installed
# rpm -qa | grep vsftpd
2. New Installation
# rpm -ivh vsftpd-2.0.1-5.i386.rpm
3. start/stop/restart
# service vsftpd start
# service vsftpd stop
# service vsftpd restart
4. Main configuration file
# vi /etc/vsftpd.conf
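# vsftpd.conf syntax: one option=value per line, lowercase option names, no
# spaces around "=", and comments only on lines of their own (text after a
# value is read as part of the value).
#
# FTP sends logins and data unencrypted. With local_enable=YES, system account
# passwords cross the network in cleartext unless TLS is configured (see
# ssl_enable in vsftpd.conf(5)).

# Anonymous user configuration
# Allow anonymous FTP logins; set to NO to disable them.
anonymous_enable=YES
# The three anon_* write options below require write_enable=YES (set in the
# local-user part) and write permission for the anonymous FTP user on the
# target directory. Together they let anyone who can reach the server upload,
# create directories, rename and delete. Leave them at NO unless an anonymous
# drop directory is really needed, and then keep it isolated and monitored.
# Allow anonymous users to upload files.
anon_upload_enable=YES
# Allow anonymous users to create directories.
anon_mkdir_write_enable=YES
# Allow anonymous users to rename and delete files.
anon_other_write_enable=YES

# Local user configuration
# Allow local (system) users to log in.
local_enable=YES
# umask for files created by local users: 022 gives directories mode 755 and
# files mode 644 (vsftpd's built-in default is 077).
local_umask=022
# Enable FTP commands that change the filesystem (upload, delete, rename...).
write_enable=YES
# Confine local users to their home directories after login.
chroot_local_user=YES
# Use a user list for chroot decisions. Because chroot_local_user=YES, the
# users named in chroot_list_file are the ones that are NOT confined.
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
# Change the owner of anonymously uploaded files to chown_username.
# (The option name is chown_uploads.)
chown_uploads=YES
# Placeholder: replace "username" with an existing unprivileged system
# account; do not use root.
chown_username=username
# With userlist_enable=YES and userlist_deny=NO, only users named in the
# userlist file may log in; everyone else is refused.
userlist_enable=YES
userlist_deny=NO
# Refuse anonymous logins whose password (e-mail address) is listed in
# banned_email_file.
deny_email_enable=YES
banned_email_file=/etc/vsftpd.banned_emails
# Custom welcome banner.
ftpd_banner=welcome to chenlf FTP service.
# Show the directory message file when a user enters a directory. The file
# (.message by default) has to be created in that directory.
dirmessage_enable=YES
# Name of the directory message file. Left commented out so the default
# (.message) applies; an empty value is not a useful setting.
#message_file=.message
# Log uploads and downloads.
xferlog_enable=YES
# Path and name of the transfer log.
xferlog_file=/var/log/vsftpd.log
# Write the transfer log in the standard xferlog format.
xferlog_std_format=YES
# Honour ASCII-mode uploads and downloads.
ascii_upload_enable=YES
ascii_download_enable=YES
# Make active-mode data connections originate from port 20 (ftp-data).
connect_from_port_20=YES
# Unprivileged system user vsftpd switches to when it needs no privileges
# (default: nobody). NOTE(review): "ft1_cure" looks garbled; the vsftpd sample
# configuration uses "ftpsecure". Use an account that exists on this host.
nopriv_user=ft1_cure
# Recognise the special FTP command "async ABOR".
async_abor_enable=YES

# FTP server resource restrictions
# Idle session timeout, in seconds.
idle_session_timeout=600
# Stalled data transfer timeout, in seconds.
data_connection_timeout=120
# Maximum number of simultaneous clients (default 0 = unlimited). max_clients
# and max_per_ip apply when vsftpd runs in standalone mode.
max_clients=50
# Maximum number of connections from one IP address.
max_per_ip=5
# Transfer rate limits in bytes per second (102400 = 100 KB/s).
# Anonymous users:
anon_max_rate=102400
# Local users:
local_max_rate=102400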
5. other configuration files
/etc/xinetd.d/vsftpd
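# xinetd entry that starts vsftpd for each incoming FTP connection.
# Use either this or the standalone "service vsftpd start", not both. When
# vsftpd is launched by xinetd, vsftpd.conf must not enable standalone mode
# (listen=NO).
service ftp
{
    socket_type = stream
    wait = no
    user = root
    # Must match the path where the vsftpd binary is actually installed.
    server = /usr/local/sbin/vsftpd
    # server_args =
    # Uncomment to log session duration and remote user id per connection.
    # log_on_success += DURATION USERID
    # log_on_failure += USERID
    nice = 10
    disable = no
}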
/etc/pam.d/vsftpd
PAM authentication configuration for vsftpd.
/etc/vsftpd.chroot_list
This file lists the user names that are not confined to their home directories and can therefore reach all FTP content on the server. For every other user, the home directory on the server is presented as the root directory.
/etc/shells
By default, before allowing a local user to log in, vsftpd checks that the user has a valid shell listed in this file. This check applies when PAM authentication is not available.
/etc/ftpusers
This file lists the user names that are *denied* FTP login, usually "root", "uucp", "news", and so on. These accounts have extensive privileges, so using them over FTP carries a high risk.
6. Firewall settings
If you are using the default SuSEfirewall2, open YaST > System > /etc/sysconfig Editor, then Network > SuSEfirewall2.
Add ftp to FW_SERVICES_EXT_TCP. For example, if you also want to enable SSH:
FW_SERVICES_EXT_TCP="ftp ssh"
If you need passive-mode FTP and NAT, in the same place (YaST > System > /etc/sysconfig Editor, Network > SuSEfirewall2) set:
FW_LOAD_MODULES="ip_conntrack_ftp ip_nat_ftp"
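Another method is to edit the firewall configuration file directly. Every service named in FW_SERVICES_EXT_TCP is opened to the external network, so list only the services this host must offer:
# cd /etc/sysconfig/
# vi SuSEfirewall2
FW_SERVICES_EXT_TCP="ftp 21 telnet 23"
# rcSuSEfirewall2 restart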